package cn.huiyunche.bms.web.secure;

import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.credential.SimpleCredentialsMatcher;

/**
 * Created by zhaoguixin on 2017/7/13.
 */
public class CredentialsMatcher extends SimpleCredentialsMatcher {

    /*
     * 凭证验证方法
     */
    @Override
    public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
        Object tokenCredentials = getCredentials(token);
        Object accountCredentials = getCredentials(info);

        byte[] tokenBytes = toBytes(tokenCredentials);
        byte[] accountBytes = toBytes(accountCredentials);

        String tpwd=toString(tokenBytes);
        String apwd=toString(accountBytes);
        String enpwd="";

        String middlepwd=tpwd;
//        for(int i=0;i<AccountConst.ITERATIONS;i++){
//            enpwd=Encodes.encryptAES(middlepwd,AccountConst.SALT);
//            middlepwd=enpwd;
//        }

        return apwd.equals(tpwd);

    }
}
